This wallet-draining Google Play malware has been installed over half a million times - these are the apps to watch out for

You could have been subscribed to various premium services

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A newly-detected mobilemalwarefamily has been sitting in theGoogle Play Storeand raking up mobile bills for hundreds of thousands of people, new findings have said.

Cybersecurity researchers from Kasperskyrecently discoveredFleckpe, which they say was integrated into at least 11 Android apps that have cumulatively been downloaded roughly 620,000 times.

The apps are mostly image editors, wallpapers, beauty apps, and similar.

Targeting Malaysians and Indonesians

When a victim installs the app, the malware would silently trigger either a one-time, or monthly, subscription, to certain premium services. These premium services could either belong to a third party, with the malware operators getting a cut, or they could belong to the threat actors themselves, allowing them to take the full amount.

Whatever the case may be, the attackers earned quite the sum, as the researchers found the malware active at least since 2022, although the exact sum is unknown. Most of the victims are located in Thailand, Malaysia, Indonesia, Singapore, and Poland, with a smaller percentage being scattered around the world.

“All of the apps had been removed from the marketplace by the time our report was published, but the malicious actors might have deployed other, as yet undiscovered, apps, so the real number of installations could be higher,” Kaspersky said.

This dangerous Android malware is seeing a huge rise in infections>Dangerous new ‘Hook’ Android malware lets hackers remotely control your phone>Check out the best endpoint protection software right now

The full list of the malicious apps can be found onthis link. Users are advised to uninstall them immediately, and run anantivirusscan to clean up any residual code.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

This type of malware will not ask for a ransom payment, and won’t destroy the data on the endpoint, but it could steal personally identifiable information, and will definitely result in higher charges from the telecoms provider. To prevent such incidents, it’s advised to check the reviews and ratings on the app store before downloading anything.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

How to turn off Meta AI